27 April 2013

It has been a wild few weeks for Twitter and the Operational Risks associated with account hijacking and "Tweets" that may compromise the positions of active police activities. The Boston Police were
warning people via their official Twitter account:

The first official announcement that law enforcement agencies had concluded their manhunt for Boston Marathon bombing suspect Dzhokhar Tsarnaev didn’t come at a press conference by police commissioner Ed Davis or Mayor Tom Menino. It didn’t come from a press release or a dispatch over a police scanner. It came instead from two tweets:

Social Media and a hacked AP Twitter account were the catalyst for a sudden drop in the financial markets. As the news service realized what had occurred they contacted their employees in the White House briefing room to refute the information:

Twitter Inc. plans to bolster security on its site after the account of the Associated Press news service was hacked and an erroneous post triggered a stock- market decline, according to a person familiar with the matter.

Two-step authentication will be introduced to make it harder for outsiders to gain access to accounts, said the person, who declined to be identified because the information isn’t public. In addition to a password, the security measure requires a code sent via text message to a user’s mobile phone, or generated on a device or software.

Twitter’s defense against password theft came under scrutiny this week after a hacker sent a false post about explosions at the White House, triggering a drop that wiped out $136 billion in value from the Standard & Poor’s 500 Index.

Social Media is becoming a way of real-time situational awareness and organizations that have ignored the potential impact on its Operational Risk are now paying attention. Proactive steps are now being taken to not only monitor the daily feeds on official company twitter accounts and also upgrade the security of those feeds by using multi-factor authentication.

Companies such as Duo Security are going to start seeing an uptick in their web site activity as a result of these latest hacks on Twitter and others. Why? Because it works.

Corporate integration of public relations and information security are not anything new per se. What is getting more attention is how social media has become a catalyst for changing human behavior. Even more revealing is how automated trading systems react to a false tweet on Twitter. Have the algorithms gone too far in high frequency trading? Not really. HFT professionals don't let Twitter change their strategies. Here is a dose of reality:

There is little predictive value in the events of the, "Hack Crash." However, there are some key takeaways for traders. First is the importance of protective stops. One never knows what could happen next. Second, verify news reports. I have the AP's iPhone app, which alerts me to breaking news and had no mention of the tweet until after the fact. Therefore, the corporate disconnect between Twitter and their app was my first clue it was bogus. Finally, cut the high frequency traders some slack. Their programs are based on risk and reward just like our own and the liquidity they provide in times of dramatic events is exactly what allows us to get out of the market and keep some powder dry until the smoke clears.

What will continue to be an ongoing trend in corporate ranks is the need to continuously monitor social media and to spend the time on due diligence to determine what is real and what is simple "Information Operations." (IO) in the corporate ranks and across Wall Street is the name of the game. Those who understand how to manage their monitoring and deal with the daily anomalies will be able to mitigate the major risks to the enterprise.

Our only hope is that the thousands of major law enforcement agencies across the globe, are doing the same. @Boston Police is a good place to start with any lessons learned.

06 April 2013

The U.S. Nationwide SAR Initiative brings the conversation of privacy and intelligence collection to a point of convergence. Guidance for local, regional and state agencies can be found in the "Building Communities of Trust" (BCOT) program being rolled out across the country.

The continued priority is to safeguard the privacy, civil rights, and civil liberties of United States citizens (including the assurances that not only is information shared appropriately with authorized personnel but that the information that is exchanged is “quality” information). Can a nation continue to increase it's daily home town "Situational Awareness" while simultaneously preserving the constitutional rights and trusted relationship with its own citizens?

The Suspicious Activity Reporting (SAR) initiative is about Homeland Security Intelligence (HSI) engineered for the United States, to insure privacy and civil liberties of its citizens. Governance of vital intelligence data is at the core of the program design, combining the correct process for access and compartmentalization and the retention policies on certain types of relevant information.

The BCOT Guidance describes the challenges that must be addressed by fusion centers, local law enforcement agencies, and communities in developing these relationships of trust. These challenges can only be met if privacy, civil rights and civil liberties are protected. For fusion centers, this requires strong privacy policies and audits of center activities to ensure that the policies and their related standards are being fully met. For law enforcement agencies, it means that meaningful dialog and collaboration with communities needs to occur in a manner that increases legitimacy of the agency in the eyes of that community. Law enforcement must establish legitimacy in the communities they serve if trusting relationships are to be established. For communities, their leaders and representatives must collaborate with law enforcement and share responsibility for addressing the problems of crime and terrorism prevention in their neighborhoods.

Relationships of trust will not be established until key community leaders understand the intent of the information sharing environment and the preventive role that fusion centers and the SAR process plays in protecting the community from crime and violence. A fully transparent explanation can be the foundation for broad community understanding of the importance of these initiatives as well as the critical privacy, civil rights, and civil liberties protections that are in place.

The issue of trust is paramount in any relationship, whether it be personal or a JTTF working in concert with the local Metropolitan Police Department. In either case, the "Four Cores of Credibility" are necessary for humans to operate at the "Speed of Trust":

Integrity - is deep honesty and truthfulness. It is who we really are. It includes congruence, humility and courage. To increase your integrity, make and keep commitments to yourself. Stand for something and then live by it. Be open. Do you seriously consider other viewpoints?

Intent- is your fundamental motive or agenda and the behavior that follows. It includes motive, agenda and behavior. To improve your intent, examine your motives. Are everyone's interests being served? Share the "why" behind the "what" wherever possible.

Capabilities - is our capacity to produce and accomplish tasks: talents, attitudes, skills, knowledge and style. To build your capabilities run with your strengths. Match your strengths to unique high-value opportunities. Know where you are going and keep the vision in front of you.

Results - is your track record. People evaluate you on three key indicators of performance. Past, current and anticipated. To improve your results take responsibility and adopt a "results" mind-set. Expect to win and create a climate of high expectations. Finish strong and avoid the "victim mentality."

Trust in a relationship and an environment of trust in the economy, national security or the stock market makes all the difference. The behaviors that you exhibit in public and behind closed doors with your stakeholders will set the tone for everyone inside and outside the organization. Can you think of any companies or people over the past two years that you have lost trust in?

When a person loses trust in another person, a company or its government, in many cases it comes back to information governance. The time, place and method for information dissemination or sharing will in many cases, become the basis for the reason why trust is maintained or eroded in the eyes of the other.

Suffice it to say that more than ever, "Open Source" information is becoming the starting point for all intelligence collection activities. In the context of the corporate policy regarding the use of systems, most if not all companies have the right to monitor all applications for "Red Flag" indicators of fraud, espionage or other violations of state and federal laws. Corporations are using "Open Source" information to determine the initial profile of potential candidates for open positions including the analysis of FaceBook or LinkedIn social networking sites.

Executive Order 12333 emphasizes US citizens rights:
The Executive Order maintains and strengthens existing protections for Americans' civil liberties and privacy rights. The Executive Order retains and reinforces the provisions in place in the original Executive Order 12333 to ensure that all intelligence activities are conducted in a manner that protects the civil liberties and privacy rights of Americans. All collection, retention, and dissemination of information regarding United States persons must be conducted in accordance with procedures approved by the Attorney General.

The future of "Building Communities of Trust" in the United States will require significant investments in building awareness, training front line officers and implementing effective oversight mechanisms. It will be achieved without the sacrifice of the rule sets established in 1791.

About

Operational Risk is defined as the risk of loss resulting from inadequate or failed processes, people, and systems or from external events. The definition includes legal risk, which is the risk of loss resulting from failure to comply with laws as well as prudent ethical standards and contractual obligations. It also includes exposure to litigation from all aspects of an institutions activities.

"The Only Thing Necessary For Evil To Triumph Is For Good Men To Do Nothing." --E. Burke